THAT WHICH IS CLAIMED IS:

1. A method of generating RSA cryptographic
the method comprising the steps of:

obtaining entity specific information (B) about a user;

obtaining a first secret seed value (Wp) and a second secret seed value (Wq);

obtaining a third, publicly known, randomization value (IV) having a first portion (IVp) and a second portion (IVq);

dividing a potential range of RSA encryption values into a first interval and a second interval;

generating a first initial value (XXp) based on the first secret seed value (Wp), the second secret seed value (Wq) and the first portion of the third randomization value (IVp);

mapping the first initial value to an entity specific segment of the first interval utilizing the obtained entity specific information (B) to provide a mapped first initial value (Xp);

selecting a first entity dependent RSA cryptographic value (p) from the entity specific segment of the first interval utilizing the mapped first initial value as a starting point for a search for the first entity dependent RSA cryptographic value;

generating a second initial value (XXq) based on the first entity dependent RSA cryptographic value (p), the second secret seed value (Wq) and the first portion of the third randomization value (IVq);

mapping the second initial value to an entity specific segment of the second interval utilizing the obtained entity specific information to provide a mapped second initial value (Xq); and

selecting a second entity dependent RSA cryptographic value (q) from the entity specific segment of the second interval utilizing the mapped second initial value as a starting point for a search for the second entity dependent RSA cryptographic value.

2. A method according to Claim 1, further comprising the step of generating auxiliary prime divisors corresponding to the first entity dependent RSA cryptographic value (p) and the second entity dependent RSA cryptographic value (q).

3. A method according to Claim 2, wherein the auxiliary prime divisors are generated based upon the first secret seed value (Wp), the second secret seed value (Wq) and the third randomization value (IV).

4. A method according to Claim 3, wherein p0 is a publicly known prime number whose length is at least n bits and g is a public generator, and wherein the step of generating auxiliary prime divisors comprises the steps of:

concatenating the first secret seed value (Wp), the second secret seed value (Wq) and the third randomization value (IV) so as to provide an exponent value (X);

determining an initial random value by determining Y = g^X (mod p0);

selecting initial prime search values from the initial random value;

setting the most significant bit of the initial prime search values to "1" to provide final prime search values; and

selecting as the prime divisors the smallest prime value greater than or equal to the final prime search values.

5. A method according to Claim 4, further comprising the steps of:

selecting at least one of a new first secret seed value (Wp), a new second secret seed value (Wq) and a new third randomization value (IV) if the length of at least one of the prime divisors is greater than the length of the final prime search values; and

re-generating the prime divisors if the length of at least one of the prime divisors is greater than the length of the final prime search values.

6. A method according to Claim 4, wherein the initial prime search values have a first length if a public encryption exponent (e) has an odd value and a second length if the public encryption exponent (e) has an even value.

7. A method according to Claim 5, wherein the first length is 120 bits and the second length is 118 bits.

8. A method according to Claim 1, wherein the entity specific segments comprise the segments [A+(B(C-A))/2^b, A+((B+1)(C-A))/2^b] wherein A and C are the endpoints of the respective intervals and the entity specific information comprises b bits.

9. A method according to Claim wherein the RSA cryptographic values comprise n bits and wherein the first interval comprises RSA cryptographic values from the set of [√2(2^(n-1)), 2^(n-1)+2^(n-1)/√2] the second interval comprises RSA cryptographic values from the set of [2^(n-1)+2^(n-1)/√2, 2^n].

10. A method according to Claim 9, wherein the binary size of the RSA cryptographic values are 2n, a size ^ is n-b-2 and wherein the step of mapping the first initial value comprises the steps of:

linearly mapping the first initial value to an entity specific segment of the first interval utilizing the obtained entity specific information (B) utilizing the linear mapping function

G, =4 (l-VL)x+722"-^ + 4 (1-— ) (S-1) and 

selecting as the mapped first initial value (Xp) the integer value which is not greater than the first initial value (XXp) mapped utilizing the mapping function
Gi^y; and 

wherein the step of mapping the second initial value comprises the step of linearly mapping the second initial value to an entity specific segment of the second interval utilizing the obtained entity specific information (B) utilizing the linear mapping
1 \ 1 

function ^(x) =4 (1-— ) xt2""^+2""^^^ + 4 ( 1-— ) {B-l)2"'"^- 

v/2 \ n/2 

selecting as the mapped second initial value (Xq) the integer value which is not greater than the second initial value (XXq) mapped utilizing the mapping function



11. A method according to Claim 1, wherein the entity specific information is biometric information.

12. A method according to Claim 1, wherein the entity specific information is a globally unique user identification.

13. A method according to Claim 1, further comprising the steps of:

determining if a candidate for p is considered outside the range of RSA cryptographic values in the entity specific segment of the first interval;

selecting at least one of a new first secret seed value (Wp), a new second secret seed value (Wq) and a new third randomization value (IV) if a candidate for p is considered outside the range of RSA cryptographic values in the entity specific segment of the first interval;

determining if a candidate for q is considered outside the range of RSA cryptographic values in the entity specific segment of the second interval;

selecting at least one of a new first secret seed value (Wp), a new second secret seed value (Wq) and a new third randomization value (IV) if a candidate for q is considered outside the range of RSA cryptographic values in the entity specific segment of the second interval; and

restarting the cryptographic value generation utilizing the first and second secret seed values and third randomization value if either a candidate for p is considered outside the range of RSA cryptographic values in the entity specific segment of the first interval or if a candidate for q is considered outside the range of RSA cryptographic values in the entity specific segment of the second interval.

14. A method according to Claim 1, further comprising the steps of:

determining if 2^^-l candidates for p have been rejected in selecting the first entity dependent RSA cryptographic value;

selecting at least one of a new first secret seed value (Wp), a new second secret seed value (Wq) and a new third randomization value (IV) if 2^^-l candidates for p have been rejected in selecting the first entity dependent RSA cryptographic value;

determining if 2^^-l candidates for q have been rejected in selecting the second entity dependent RSA cryptographic value;

selecting at least one of a new first secret seed value (Wp), a new second secret seed value (Wq) and a new third randomization value (IV) if 2^^-l candidates for q have been rejected in selecting the second entity dependent RSA cryptographic value; and

restarting the cryptographic generation utilizing the first and second secret seed values and third randomization value if either 2^^-l candidates for p have been rejected in selecting the first entity dependent RSA cryptographic value or if 2^^-l candidates for q have been rejected in selecting the second entity dependent RSA cryptographic value.



15. A method according to Claim 1, wherein the step of generating a first initial value comprises the steps of:

mixing a concatenation of Wq and IVq utilizing a publicly known mixing function;

concatenating Wp and IVp; and

EXCLUSIVE-ORing the mixed concatenation of Wq and IVq and the concatenation Wp and IVp to provide the first initial value (XXp); and

wherein the step of generating a second initial value comprises the steps of:

EXCLUSIVE ORing p and IVp;

mixing the EXCLUSIVE OR of p and IVp utilizing the publicly known mixing function;

concatenating Wq and IVq; and

EXCLUSIVE-ORing the mixed EXCLUSIVE OR of p and IVp and the concatenation of Wq and IVq to provide the second initial value (XXq).

16. A method according to Claim 1, further comprising the step of authenticating generated candidate RSA cryptographic values.

17. A method according to Claim 16, wherein the step of authenticating comprises the steps of:

recovering two candidate prime values utilizing the RSA public modulus (N) and the private signature exponent (d);

establishing a first of the two prime values as a first candidate cryptographic value (p') and the second of the two prime values as a second candidate cryptographic value (q');

recovering first and second candidate seed values Wp' and Wq' from the first and second candidate cryptographic values p' and q' and from the third publicly known seed value IV;

generating first and second RSA cryptographic values p'' and q'' utilizing Wp' and Wq' and IV; and

comparing p' and p'' and q' and q'' to authenticate the RSA cryptographic values.

18. A method according to Claim 17, further comprising the step of determining that the RSA cryptographic values are not authentic if p' and q' are values outside the entity defined segments of the first and second intervals.

19. A method according to Claim 17, wherein the first of the two prime numbers is a smaller of the two prime numbers.

20. A method according to Claim 17, wherein the step of recovering first and second candidate seed values Wp' and Wq' from the first and second candidate cryptographic values p' and q' and from the third publicly known seed value IV comprises the steps of:

inverse mapping the second candidate value q' to provide a first initial value Sq;

EXCLUSIVE ORing the first candidate cryptographic value p' and IVp;

mixing the EXCLUSIVE OR of the first candidate cryptographic value p' and IVp with the publicly known mixing function;

EXCLUSIVE ORing the mixed EXCLUSIVE OR of the first candidate cryptographic value p' and IVp with IVq to provide a first known value (Nq) having a length (j);

determining if a value corresponding to the j least significant bits of Sq is less than the first known value Nq;

EXCLUSIVE ORing the n-j most significant bits of the mixed concatenation of the first candidate cryptographic value p' and IVp with the n-j most significant bits of Sq if the value corresponding to the j least significant bits of the first subsequent value is not less than the first known value Nq, to provide the second candidate seed value;

EXCLUSIVE ORing the n-j most significant bits of the mixed concatenation of the first candidate cryptographic value p' and IVp with 1 subtracted from the value corresponding to the n-j most significant bits of Sq if the value corresponding to the j least significant bits of the first subsequent value is less than the first known value Nq, to provide the second candidate seed value;

inverse mapping the first candidate value p' to provide a second initial value Sp;

concatenating the second candidate seed value and IVq;

mixing the concatenation of the second candidate seed value and IVq with the publicly known mixing function;

EXCLUSIVE ORing the mixed concatenation of the second candidate seed value and IVq with IVp to provide a second known value Np having a length (j);

determining if a value corresponding to the j least significant bits of Sp is less than the second known value Np;

EXCLUSIVE ORing the n-j most significant bits of the mixed concatenation of the second candidate seed value and IVq with the n-j most significant bits of Sp if the value corresponding to the j least significant bits of the second subsequent value is not less than the second known value Np, to provide the first candidate seed value;

EXCLUSIVE ORing the n-j most significant bits of the mixed concatenation of the second candidate seed value and IVq with 1 subtracted from the value corresponding to the n-j most significant bits of Sp if the value corresponding to the j least significant bits of the second subsequent value is less than the second known value Np, to provide the first candidate seed value.



21. A method according to Claim 20, wherein j is 256 bits.

22. A system for generating an RSA cryptographic value, utilizing entity specific information (B) about an entity, a first secret seed value (Wp) and a second secret seed value (Wq), and a third, publicly known, randomization value (IV) having a first portion (IVp) and a second portion (IVq), comprising:

means for dividing a potential range of RSA encryption values into a first interval and a second interval;

means for generating a first initial value (XXp) based on the first secret seed value (Wp), the second secret seed value (Wq) and the first portion of the third randomization value (IVp);

means for mapping the first initial value to an entity specific segment of the first interval utilizing the obtained entity specific information (B) to provide a mapped first initial value (Xp);

means for selecting a first entity dependent RSA cryptographic value (p) from the entity specific segment of the first interval utilizing the mapped first initial value as a starting point for a search for the first entity dependent RSA cryptographic value;

means for generating a second initial value (XXq) based on the first entity dependent RSA cryptographic value (p), the second secret seed value (Wq) and the first portion of the third randomization value (IVq);

means for mapping the second initial value to an entity specific segment of the second interval utilizing the obtained entity specific information to provide a mapped second initial value (Xq); and

means for selecting a second entity dependent RSA cryptographic value (q) from the entity specific segment of the second interval utilizing the mapped second initial value as a starting point for a search

23. A system according to Claim 22, further comprising means for authenticating generated candidate RSA cryptographic values.

24. A system according to Claim 23, wherein the means for authenticating comprises:

means for recovering two candidate prime values utilizing the RSA public modulus (n) and the private signature exponent (d) of the encrypted message;

means for establishing a first of the two prime values as a first candidate cryptographic value (p') and the second of the two prime values as a second candidate cryptographic value (q');

means for recovering first and second candidate seed values Wp' and Wq' from the first and second candidate cryptographic values p' and q' and from the third publicly known seed value IV;

means for generating first and second RSA cryptographic values p'' and q'' utilizing Wp' and Wq' and IV; and

means for comparing p' and p'' and q' and q'' to authenticate the message.



25. A computer program product for generating an RSA cryptographic value, utilizing entity specific information (B) about an entity, a first secret seed value (Wp) and a second secret seed value (Wq), and a third, publicly known, randomization value (IV) having a first portion (IVp) and a second portion (IVq), comprising:

a computer readable storage medium having computer readable program code embodied in said medium, said computer readable program code comprising:

computer readable code which divides a potential range of RSA encryption values into a first interval and a second interval;

computer readable code which generates a first initial value (XXp) based on the first secret seed value (Wp), the second secret seed value (Wq) and the first portion of the third randomization value (IVp);

computer readable code which maps the first initial value to an entity specific segment of the first interval utilizing the obtained entity specific information (B) to provide a mapped first initial value (Xp);

computer readable code which selects a first entity dependent RSA cryptographic value (p) from the entity specific segment of the first interval utilizing the mapped first initial value as a starting point for a search for the first entity dependent RSA cryptographic value;

computer readable code which generates a second initial value (XXq) based on the first entity dependent RSA cryptographic value (p), the second secret seed value (Wq) and the first portion of the third randomization value (IVq);

computer readable code which maps the second initial value to an entity specific segment of the second interval utilizing the obtained entity specific information to provide a mapped second initial value (Xq); and

computer readable code which selects a second entity dependent RSA cryptographic value (q) from the entity specific segment of the second interval utilizing the mapped second initial value as a starting point for a search for the second entity dependent RSA cryptographic value.



26. A computer program product according to Claim 25, further comprising computer readable code which authenticates generated candidate RSA cryptographic values.

27. A computer program product according to Claim 26, wherein the computer readable code which authenticates comprises:

computer readable code which recovers two candidate prime values utilizing the RSA public modulus (n) and the private signature exponent (d) of the encrypted message;

computer readable code which establishes a first of the two prime values as a first candidate cryptographic value (p') and the second of the two prime values as a second candidate cryptographic value (q');

computer readable code which recovers first and second candidate seed values Wp' and Wq' from the first and second candidate cryptographic values p' and q' and from the third publicly known seed value IV;

computer readable code which generates first and second RSA cryptographic values p'' and q'' utilizing Wp' and Wq' and IV; and

computer readable code which compares p' and p'' and q' and q'' to authenticate the message.
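
Added example, not part of the patent text: a Python sketch of the interval split, entity specific segment and prime search of Claims 1, 8, 9 and 13, together with the segment check of Claim 18, taking the interval endpoints as √2·2^(n-1), 2^(n-1)+2^(n-1)/√2 and 2^n. Assumptions: SHA-256 stands in for the mixing steps of Claim 15, a modular reduction stands in for the linear mapping of Claim 10, 64-bit primes are used only to keep the demonstration fast, and all function names are hypothetical.

```python
import hashlib
from math import isqrt

BASES = (2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37)  # deterministic below ~3.3e24

def is_prime(n):
    """Miller-Rabin with fixed bases; exact for the 64-bit demo size."""
    if n < 2:
        return False
    for a in BASES:
        if n % a == 0:
            return n == a
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for a in BASES:
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def intervals(n):
    """Split [sqrt(2)*2^(n-1), 2^n] at its midpoint 2^(n-1) + 2^(n-1)/sqrt(2)."""
    low = isqrt(1 << (2 * n - 1)) + 1          # 2^(2n-1) is never a perfect square
    mid = (1 << (n - 1)) + isqrt(1 << (2 * n - 3))
    return (low, mid), (mid, 1 << n)

def segment(interval, B, b):
    """Entity specific segment [A + B(C-A)/2^b, A + (B+1)(C-A)/2^b) of [A, C]."""
    A, C = interval
    return A + B * (C - A) // 2**b, A + (B + 1) * (C - A) // 2**b

def in_segment(value, interval, B, b):
    """Verifier-side check: does the value lie in the segment owned by B?"""
    start, end = segment(interval, B, b)
    return start <= value < end

def initial_value(*parts):
    # Assumption: SHA-256 stands in for the claimed seed mixing steps.
    return int.from_bytes(hashlib.sha256(b"|".join(parts)).digest(), "big")

def select_prime(xx, seg):
    start, end = seg
    cand = (start + xx % (end - start)) | 1    # assumed mapping into the segment
    while cand < end:
        if is_prime(cand):
            return cand
        cand += 2
    return None  # search left the segment: pick new seeds/IV and restart

def generate(Wp, Wq, IVp, IVq, B, b=8, n=64):
    first, second = intervals(n)
    p = select_prime(initial_value(Wp, Wq, IVp), segment(first, B, b))
    if p is None:
        return None
    xxq = initial_value(p.to_bytes(n // 8, "big"), Wq, IVq)  # q depends on p
    q = select_prime(xxq, segment(second, B, b))
    return None if q is None else (p, q)
```

Because both primes exceed √2·2^(n-1), the modulus p·q always has exactly 2n bits, and a verifier who knows B can reject primes that fall outside the owner's segments without learning the seeds.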